Ubuntu
cron package

CVE-2019-9705 fix limits to 1000 not 10000

Bug #1972830 reported by Andy Townsend
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cron (Ubuntu)
New
Undecided
Unassigned

Bug Description

According to
https://changelogs.ubuntu.com/changelogs/pool/main/c/cron/cron_3.0pl1-128.1ubuntu1.1/changelog
"ensure that no more than 1000 lines of
 length are allowed in crontabs"

However that change at Debian
https://salsa.debian.org/debian/cron/-/commit/26814a26

was very quickly superceded by
https://salsa.debian.org/debian/cron/-/commit/eba012444b2dcfaaeebc101848bcf42692f23499
("Increase maximum crontab length to 10,000 lines")

due to problems noted at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925276

Andy Townsend (someoneelseosm)
summary: - CVE-2019-9705 limits to 1000 not 10000
+ CVE-2019-9705 fix limits to 1000 not 10000
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.